In June, Galveston County (Texas) discovered that it had paid over $525,000 to someone it didn’t owe money to, a scam artist posing as a representative of a firm doing work for the county. The author contends this would be nearly impossible in a system of smart contracts described herein.
The scammer used social engineering to talk his way into a small fortune. According to the most recent reporting, the funds have never been recovered, prompting a local judge to call for the resignation of the two parties he feels most responsible.
Note: the author’s opinions are his own and do not reflect the views of CCN or its other staff.
Join CCN for $9.99 per month and get an ad-free version of CCN including discounts for future events and services. Support our journalists today. Click here to sign up.
Chron.com’s Nick Powell writes:
While the stolen funds are a tiny fraction of Galveston County’s $149 million budget, similar cyber attacks have raised the alarm in other Texas localities, including in Harris County, where $888,000 was nearly stolen by a person posing as an accountant with a Hurricane Harvey contractor. The city of El Paso was also robbed of $3 million in 2016 from a phony vendor.
Human error beats all in the rock, paper, scissors of life. Police entrusted with law and order frequently misapply it. People forget their passwords or lose their two-factor authentication devices. And occasionally clerks part ways with hundreds of thousands of dollars of their constituency’s money.
If only there were a technology that could prevent such nonsense. Something secure, with built-in authentication and protocols to prevent both fraud and default. If only – ah, wait. There is such a thing. The very technology we cover most frequently here at CCN: blockchains and smart contracts.
How A Smart Contract Could Have Prevented The Fraud In Galveston County
One thing ought to be made clear here: the situation of a municipality paying and offering contracts does not necessarily present a use case for a fully decentralized blockchain. Nor does it exactly refute the need of one, but hear the author out.
Instead, let’s talk about a distributed, permissioned ledger. Not only because it’s easier for local mandarins to stomach if they know they have the ability to override mistakes, but also because ultimately the immutable rules of cryptographic smart contracts have to be cognizant of the ebb and flow of laws and regulations.
This is to say, a real value in such a smart contract would be its ability to provide reversibility, something cryptonaughts have often lamented about the existing financial system but which in this case did not work out for Galveston County.
This idea might be unpopular, so why not elaborate some?
First of all, reversibility would be far less necessary in a system where users are required to authenticate themselves in order to receive payment, not simply convince a few clerks that they were the real McCoy. Secondly, contractors would be incentivized to protect their authentication credentials, because if the system were properly designed, the funds would only be allocated to such contracts once. Meaning that if by some means an attacker compromised the credentials of the contractor and eventually got away with the money, it’s coming out of the contractor’s payment, not the taxpayer’s pockets.
Transparency and AML-Friendly Stablecoins To The Rescue
But smart contracts provide other important benefits for municipal contracting systems.
For one, the strict implementation of milestones would become possible. A contractor is paid based on progress, an agreed-upon amount at a time. This would open competition and save taxpayers money. Some contractors are more efficient than others. Those who can bid shorter times and lower prices across the board will win, while those who actually perform will win future bids. A separate bid on each milestone of a project can be made.
Of course, the most important part of this for the public would be that the important details of the transactions would become publicly available. Deadlines on specific aspects of projects, who is doing the work, and how much it is costing the taxpayer would create a degree of accountability not available in the opaque systems of present day. There is a chance it would make civic participation interesting to more citizens, as they can now gather facts without nearly the effort.
As to the actual payment mechanism, well, that’s the trickiest part. The author doesn’t advocate that suddenly contractors must be paid in Bitcoin, but perhaps stablecoins could be considered as the tokens that would be locked in the smart contracts, with the payer footing the cost of transaction fees and compensating for tax liabilities incurred. The system would have to project enough savings overall to be viable.
But one thing that would be less likely, if even possible, in a system where code backed by laws was the final arbiter: the theft of many thousands of dollars with a few phone calls and falsified documents. A much greater effort would be required to conduct such theft, and ultimately if stablecoins were used, the realization of such proceeds would be far harder to achieve than with regular old fiat cash.
Images from Shutterstock.